<?php
if (!defined('ipos')) die("Please contact Y!m: ichphien_pro or Email: ichphien_pro@yahoo.com.");
include("../include/upload.php");
if($levelTL != 3) {
	die("Bạn không đủ quyền để truy cập trang này!");
}
// add temp
if($mode == "add") {
	if($_POST['submit'])	{
		$adv_name 		 = stripslashes(trim(urldecode($_POST['adv_name'])));
		$adv_vitri 		 = stripslashes(trim(urldecode($_POST['adv_vitri'])));
		$adv_url 		 = stripslashes(trim(urldecode($_POST['adv_url'])));
		$adv_phanloai 	 = stripslashes(trim(urldecode($_POST['adv_phanloai'])));
		$adv_stt 		 = stripslashes(trim(urldecode($_POST['adv_stt'])));
		$adv_status 	 = stripslashes(trim(urldecode($_POST['adv_status'])));
		// upload anh
		$advupload	=	ipupload("adv_img","adv",array('jpg','jpeg','png','gif','swf','JPG','JPEG','PNG','GIF','SWF'));
		if($advupload) {
			$adv_img = $advupload;
		}
		if($adv_name && $adv_stt && $adv_img) {
			$db->dbinstall("adv","adv_name,adv_vitri,adv_img,adv_url,adv_phanloai,adv_stt,adv_status","'$adv_name','$adv_vitri','$adv_img','$adv_url','$adv_phanloai','$adv_stt','$adv_status'");
			header("Location: index.php?ipos=adv");
		}
	}
	include_once("./code/php/html_adv.php");
}
//edit temp
elseif($mode == "edit") {
	$adv	=	$db->database("adv_name,adv_vitri,adv_img,adv_url,adv_phanloai,adv_stt,adv_status","adv","adv_id = '$ipid'");
	$adv_name 		 = $adv[0][0];
	$adv_vitri 		 = $adv[0][1];
	$adv_img 		 = $adv[0][2];
	$adv_url 		 = $adv[0][3];
	$adv_phanloai 	 = $adv[0][4];
	$adv_stt 		 = $adv[0][5];
	$adv_status 	 = $adv[0][6];
	if($_POST['submit'])	{
		$adv_name 		 = stripslashes(trim(urldecode($_POST['adv_name'])));
		$adv_vitri 		 = stripslashes(trim(urldecode($_POST['adv_vitri'])));
		$adv_url 		 = stripslashes(trim(urldecode($_POST['adv_url'])));
		$adv_phanloai 	 = stripslashes(trim(urldecode($_POST['adv_phanloai'])));
		$adv_stt 		 = stripslashes(trim(urldecode($_POST['adv_stt'])));
		$adv_status 	 = stripslashes(trim(urldecode($_POST['adv_status'])));
		// upload
		$advupload	=	ipupload("adv_img","adv",array('jpg','jpeg','png','gif','swf','JPG','JPEG','PNG','GIF','SWF'));
		if($advupload) {
			delFile($adv[0][2]);
			$adv_img = $advupload;
		}
		else {
			$adv_img = htmlchars(stripslashes(trim(urldecode($_POST['adv_img_name']))));	
		}
		
		if($adv_name && $adv_stt && $adv_img) {
			$db->dbupdate("adv","adv_name = '$adv_name',
						  		adv_vitri = '$adv_vitri',
								adv_img = '$adv_img',
								adv_url = '$adv_url',
								adv_phanloai = '$adv_phanloai',
								adv_stt = '$adv_stt',
								adv_status = '$adv_status'","adv_id = '$ipid'");
			header("Location: index.php?ipos=adv");
		}
	}
	include_once("./code/php/html_adv.php");
}
// delete
elseif($mode == "delete") {
	if($ipid) {
		$adv	=	$db->database("adv_img","adv","adv_id = '$ipid'");
		delFile($adv[0][0]);
		$db->dbdelete("adv","adv_id = '$ipid'");
		header("Location: index.php?ipos=adv");
	}
}
// delete
elseif($mode == "status") {
	$num	=	(int)$_GET['num'];
	if($num == 1)	
		$db->dbupdate("adv","adv_status = 1","adv_id = '$ipid'");
	if($num == 0)	
		$db->dbupdate("adv","adv_status = 0","adv_id = '$ipid'");
	header("Location: index.php?ipos=adv");
}
// list temp
else {
	include_once("./code/php/html_adv_list.php");
}
?>